package com.aba.bms.system;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;

public class UserPermissionDao {
    private Statement ConnectionDatabaseForMySQLUseJdb;

	// 添加权限
    public boolean addPermission(String roleName, String permissionName, String description) throws SQLException {
        String sql = "INSERT INTO user_permissions (role_name, permission_name, description) VALUES (?, ?, ?)";
        try (Connection conn = ConnectionDatabaseForMySQLUseJdb.getConnection();
             PreparedStatement stmt = conn.prepareStatement(sql)) {
            stmt.setString(1, roleName);
            stmt.setString(2, permissionName);
            stmt.setString(3, description);
            return stmt.executeUpdate() > 0;
        }
    }
 
    // 查询角色权限
    public List<String> getPermissionsByRole(String roleName) throws SQLException {
        List<String> permissions = new ArrayList<>();
        String sql = "SELECT permission_name FROM user_permissions WHERE role_name = ?";
        try (Connection conn = ConnectionDatabaseForMySQLUseJdb.getConnection();
             PreparedStatement stmt = conn.prepareStatement(sql)) {
            stmt.setString(1, roleName);
            ResultSet rs = stmt.executeQuery();
            while (rs.next()) {
                permissions.add(rs.getString("permission_name"));
            }
        }
        return permissions;
    }
}